Learn from Real-life Successes

Not Every Industry, or Employee, Is the Same

The most common insider-related incidents vary depending on the industry. Healthcare organizations have a different threat profile than financial institutions, which are different than software vendors. Companies should make sure to create an insider threat program appropriate to their industry’s needs and natures.

“Financial services and services organizations have the highest average activity costs. The average activity cost for financial services is $21.25 million and services is $18.65 million. Service organizations represent a wide range of companies including accounting, consultancy and professional service firms.”

Source: 2022 Ponemon Cost of Insider Threats: Global Report

See how a major financial services firm tackles insider threats
“Adding ArcSight Intelligence for Crowdstrike and the threat hunting service to our CrowdStrike and MSSP infrastructure significantly reduced our risk of reputational damage by protecting our sensitive customer data.”

Security Manager, Large Financial Services Organization

Healthcare, one of the most rigorously regulated industries, deals with some of the most sensitive data and faces significant insider threats with dire consequences. The United States Department of Health and Human Services issues advisory on insider threats in healthcare industry.
See how a major healthcare provider thwarts insider attacks.
“ArcSight Intelligence found a successful authentication to a rarely used server, which attempted to access servers globally. Narrowed down to an administrator who was dismissed as a result, ArcSight Intelligence then spotted the same account trying to re-authenticate after the individual had been terminated. All attempts were identified and neutralized.”

Chief Information Security Officer Large Healthcare Organization

“The industry’s attack surface is expanding as retailers of every shape and size look to boost sales and improve efficiency by harnessing the latest data-driven technologies.” … “Insider threats in retail are also rising. Employee turnover is high, and the typical retailer has many points of insider vulnerability, including seasonal and traditional employees, as well as numerous stores and distribution centers. Many retailers also outsource some of their business processes to third parties.”

Global Cyber Executive Briefing, Retail, Deloitte

See how a major on-line retailer uses ArcSight Intelligence and CrowdStrike to prevent breaches
“Because of the way ArcSight Intelligence interacts with our data and users, Micro Focus is the only service provider that has knowledge of our corporate plans and related strategic initiatives, so that they can adjust how behaviors are monitored and evaluated. This level of trust and confidence is rare, but well-earned.”

Chief Security Information Office Large Online Retailer

Up next:

Conclusion